SlideShare a Scribd company logo

Information Society with Absolute Trust in the Services

L
lucgathy

Personal data residing or in transit, across and between administration networks are the focus of extensive security efforts. Encryption should be deployed judiciously. In this presentation, check how we safeguard information, processes and procedures in three practical cases: • Data-processing tools to fight social fraud (OASIS datawarehouse) • Sign and deposit of notary acts (e-Depot platform) • Identity Management at European-level (Services directive)

1 of 24
Download to read offline
Gov IT Summit 2009 – Antwerpen, 21 Septembre 2009 Information Society with Absolute Trust in the Services Luc Gathy page 1
What citizens expect ? Factors encouraging the use of e-ID The assurance that the law on data protection is complied with The guarantee that the data is not sold on or re-used A label or logo proving that the service is secure An individual file of my data and transactions so that I know what information about me is held Obtaining a receipt after providing information Information on the information system Information on how the data I have provided is used Testimonies of people who have used the system. page 2
What citizens expect ? Factors encouraging the use of e-Services If my privacy is completely respected If I can choose which personal data I want to provide If the service is free If the service saves me time If it is very easy to register If my friends have strongly recommended it to me Who should offer these services A government organization (federal, local), A company, a specialist service provider A non-profit organization page 3
To summarize ... Active and responsible relation is expected with Public Services Simplification and rapidity as issuing conditions to the usage of e- Services to organize “my” everiday life Transparency Methods of conserving and consulting data Conditions for storing this data Controls in place, also for subcontractors involved in processing the personal data Consistency intra- and between platforms (codes, signs and products) No extra cost page 4
e-Depot :Overview Notary 1 2 3 4 5 e-Notariat interface Consult Monitor the Write deed Deposit digital Update e-Gov authentic status of and extracts deed sources sources deposits e-Gov interface Moni- National Bis Company Justice teur register register register files Belge (*) Dep. Social Inneres security Dep. Economy Department Justice (*) Belgian Official Gazette Clerk Citizen page 5
e-Depot: Partnership & SOA infrastructure Tracebility through “Certificates chain” and “Timestamping” (XAdES standards) Social Server KSZ security NationalServer RRN register Server Server L AM n rtio üS (3) se as Logs Notaris 4 Notary 4 eID Real Server Server r Card certificaat certificaat Nat N 4 1 Nat Nr eID 2 Nat Nr eID Notaris Notary KFBN Server FRNB Server Federal Server FSB service bus (FSB) Server 6 5/7 Notaris Notary FOD/Justitie Dep. Justice FOD/Economie Dep. Economy Server Server Server Server page 6
e-Depot: New workflow Find physical(s) person(s) FPHP by National number Dep. RRN Inneres Notary Notariaat Find foreign natural person(s) Social KSZ security Creation / Update of data FMOP Find a moral person (company’s / enterprise’s) FOD Dep. FRNB Portal economy Economie Deed preparation PRSU Deed processing Federal service bus (FSB) Creation of a new enterprise Dep. FOD ( New Enterprise number created ) economy Economie KFBN FSB -NOT - Deposition of deeds Dep. FOD e-Depot Justice ( Submission of files, Justitie (web) number & date of deposit returned ) services Activation of the enterprise FOD Dep. Economie economy Publication in the “Moniteur” Dep. FOD Dep. Justice Justitie BS Justice ( Date of publication) FPHP = Manage phy sical person details FMOP = Manage mo ral person details Forward of the final status to Moniteur the network Dep. FOD Belge PRSU = Process sub mittal of an electronic notary deed Justice Justitie page 7
e-Depot: A best practice We meet the “Trust” requirements: « Authentic digital Act Signed Electronically » Recognition: & http://www.epractice.eu/cases/edepot page 8
OASIS: Overview Registre national DMFA Dimona Chômage Chantiers (ONEM) (Construction) Travail- Employ- leurs eurs Comptes & recouvrements Actions sur les «Sources authentiques» Vue «Employeur » Déclarations Vue «Travailleur » Fichier Dettes TVA TVA Clients-fournisseurs page 9
OASIS: Outputs page 10
OASIS: Outputs 9 page 11
OASIS: Outputs page 12
OASIS: Recognition “Crime such as fraud cause loss of revenue and require human resources to trace and handle them. Electronic systems for fraud detection can increase the detection rate by automatically carrying out checks and controls. The Belgian Anti-Fraud Datawarehouse project has developed a model whereby the need for precious resources in terms of both time and personnel has been cut and which has enabled more focused investigations leading to an increased apprehension rate. This example also illustrates as possible solution to tackle issues related to security and trust, a major concern for both front and back office users and for clients.” Ecrit par Christine Leitner (Head of eEurope Awards Project Management Secretariat and Senior Lecturer, EIPA Maastricht) dans la revue “Eipascope” numéro 2004/1 page 40. More details: http://www.epractice.eu/cases/OASIS2 page 13
OASIS: What about « Big Brother » syndrome ? « Commission for the protection of privacy » special autorisation: Délibération n° 01/06 du 6 mars 2001 relative à une demande du Ministère des Affaires sociales, de la Santé publique et de l'Environnement pour la création et la gestion d'une banque de données OASIS, en vue de la lutte contre la fraude sociale dans les secteurs de la construction, de la construction métallique, de l'électricité et des parcs et jardins. Délibération n° 05/001 du 18 janvier 2005 relative à la création et gestion de la banque de données OASIS en vue de la lutte contre la fraude sociale - Extension de l'autorisation comprise dans la délibération n° 01/06 du 6 mars 2001. Encryption of the personal data For the detection process ... With limited opportunities to retrieve the original version In the investigation process page 14
Positioning of Belgium Reliability of our Civil Register (Parent database) Contains the “founding documents” upon which identification security is to be based A unique identification system Not multiple unified or partitioned Traceability of all transactions performed, e.g. by Civil servants Example: “Mondossier” or “MyFile” e-ID as an electronic identification system guaranteed by the State A “Service-oriented” State in construction For the Individual/Citizen: State’s back office own structure hidden (“Citizen Centric”), facilitation for learning, promoting the service, accessibility and responsiveness (face-to-face and electronic) For government bodies: Migrate from paper-based to electronic culture, prioritization of the need for transparency, maintain “Social cohesion”, cross-functional shared framework (for the fluidity of the processing), Circle of Trust, legal validity of paperless procedures. page 15
Positioning of Belgium Protection of individual’s privacy and personal data Principle of “end goals” (bind to mandates) and “proportionality” (Example: Driving licence = 18 or over  No need to know the age or date of birth) Five Trusted party commissions for privacy protection, compartmentalized by domain; Public-sector administration/Interior ministry Finance Health Social matters Justice Introduction or mixed access to commercial and non-commercial services carried out with great precision. ... And ensuring the public’s interests ! page 16
Services Directive: Overview Abolish restrictive legislation and practices hindering service providers Set up Point of Single Contact Applicants must be able to: – Find rules and formalities they need to comply with – Complete applications electronically (submit application forms, supporting documents, fee payment) Autorités Compétentes « Interlocuteur Prestataire Prestataire unique » établi de services Guichet Unique Prestataire non établi Administration co-operation improved with counterparts in other EU countries page 17
Services Directive: Issues Recognition of electronic documents across Member States (MS) borders, requires: Common set - or at least understanding – of signature and document formats (structured and unstructured) Necessary information for validation of e-Docs Signature format for (qualified) electronic signature should be defined Date of public registers has to be accessible (read only) to authorities of MS, involves questions: How to identify a requesting authority?  eID LSP STORK How to search for and find a certain record in accordance with national data protection rules? How to retrieve and validate it? page 18
Services Directive: Issues (continue) Point of Single Contact Authentication Service Federal Authentication Service + Federated Identity and CA Access Management (FIAM) CA FAS CA + Trust relationship IdP CA PsC IdP SSO IdP SP IdP SP SP SP SP SP IdP: Identity provider SSO: Single-sign-on SP: Service provider CA: Certification authority page 19
Services Directive: Issues (continue) e-Delivery service MS A Additional issues e-Procedure e-Doc safe MS B page 20
Services Directive: Issues (continue) National e-delivery systems have to become interoperable: How can a sending authority find the appropriate messaging service? How to interface with it? How to identify individual recipients and their addresses? How to get confirmation of delivery and receipt? Data safes can make online transactions during an official procedure more efficient, comfortable and user friendly, but: How to access an e-Document safe of MS A across borders during an electronic transaction in MS B? How to retrieve a particular document? How to authorise public authorities for asynchronous access to data safes? Is there a need for a standard document inventory to find equivalent in other MS? page 21
Services Directive: Issues (continue) Cross border payment of administrative fees: Service providers should be able to use their local payment system (e.g. credit card and online banking) with foreign public administrations Common service directory needed: Description of service interface as well as of process models Service orientation independently of a particular national portal Allowing integration (partial or complete) in others MS ! page 22
Conclusion Authority Trust Traceability Transparency = Four “untouchable” fundamental components !  Included in our future work to avoid… page 23
Q&A page 24

Recommended

Studiedag Energie En Monumenten Syllabus
Studiedag Energie En Monumenten SyllabusStudiedag Energie En Monumenten Syllabus
Studiedag Energie En Monumenten Syllabusvernimna
 
LKF Portfolio
LKF PortfolioLKF Portfolio
LKF PortfolioLeon Francis
 
Why Iowa 09 Updated
Why Iowa 09 UpdatedWhy Iowa 09 Updated
Why Iowa 09 Updatedleisajfox
 
Cross Media Marketing 2010
Cross Media Marketing 2010Cross Media Marketing 2010
Cross Media Marketing 2010jfmconcepts
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakShelly Sanchez Terrell
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerLuminary Labs
 
E To The Rescue: Opportunity in Mortgage Servicing and Loss Mitigation
E To The Rescue: Opportunity in Mortgage Servicing and Loss MitigationE To The Rescue: Opportunity in Mortgage Servicing and Loss Mitigation
E To The Rescue: Opportunity in Mortgage Servicing and Loss MitigationCDB Consultancy LLC
 
Dutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLM
Dutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLMDutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLM
Dutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLMLandRegistry
 

Recommended

Studiedag Energie En Monumenten Syllabus
Studiedag Energie En Monumenten SyllabusStudiedag Energie En Monumenten Syllabus
Studiedag Energie En Monumenten Syllabusvernimna
 
LKF Portfolio
LKF PortfolioLKF Portfolio
LKF PortfolioLeon Francis
 
Why Iowa 09 Updated
Why Iowa 09 UpdatedWhy Iowa 09 Updated
Why Iowa 09 Updatedleisajfox
 
Cross Media Marketing 2010
Cross Media Marketing 2010Cross Media Marketing 2010
Cross Media Marketing 2010jfmconcepts
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakShelly Sanchez Terrell
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerLuminary Labs
 
E To The Rescue: Opportunity in Mortgage Servicing and Loss Mitigation
E To The Rescue: Opportunity in Mortgage Servicing and Loss MitigationE To The Rescue: Opportunity in Mortgage Servicing and Loss Mitigation
E To The Rescue: Opportunity in Mortgage Servicing and Loss MitigationCDB Consultancy LLC
 
Dutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLM
Dutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLMDutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLM
Dutch Cadastre, UNECE/WPLA Conference, Frank Tierolff LLMLandRegistry
 
Session 1. e-ID_esign
Session 1. e-ID_esignSession 1. e-ID_esign
Session 1. e-ID_esigne-SENS project
 
Thomas vochten claims-spsbe26
Thomas vochten claims-spsbe26Thomas vochten claims-spsbe26
Thomas vochten claims-spsbe26BIWUG
 
Edi2
Edi2Edi2
Edi2Lawrel Infotech Pvt Ltd
 
CreditUnionVMS
CreditUnionVMSCreditUnionVMS
CreditUnionVMSTriNovus LLC
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
Comifin cluster meeting
Comifin cluster meetingComifin cluster meeting
Comifin cluster meetingfcleary
 
NFOB Brochure 2011
NFOB Brochure 2011NFOB Brochure 2011
NFOB Brochure 2011DXZcam22
 
Monetizing Joyn with the REST API
Monetizing Joyn with the REST APIMonetizing Joyn with the REST API
Monetizing Joyn with the REST APISolaiemes
 
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims AuthenticationSharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims AuthenticationBrian Culver
 
Zero Visibility: Critcality of Centralized Log Management - v1
Zero Visibility: Critcality of Centralized Log Management - v1Zero Visibility: Critcality of Centralized Log Management - v1
Zero Visibility: Critcality of Centralized Log Management - v1asherad
 
E-commerce transaction validation using IMS
E-commerce transaction validation using IMS E-commerce transaction validation using IMS
E-commerce transaction validation using IMS Claude Florin
 
Transaction-based Capacity Planning for greater IT Reliability™ webinar
Transaction-based Capacity Planning for greater IT Reliability™ webinar Transaction-based Capacity Planning for greater IT Reliability™ webinar
Transaction-based Capacity Planning for greater IT Reliability™ webinar Metron
 
Travis Wright at Inman Connect July 14 2010
Travis Wright at Inman Connect July 14 2010Travis Wright at Inman Connect July 14 2010
Travis Wright at Inman Connect July 14 2010Wright Strategy Advisors
 
Session10part2 Servers Detailed
Session10part2 Servers DetailedSession10part2 Servers Detailed
Session10part2 Servers DetailedISSGC Summer School
 
Session9part2 Servers Detailed
Session9part2 Servers DetailedSession9part2 Servers Detailed
Session9part2 Servers DetailedISSGC Summer School
 
On Line Legal Services
On Line Legal ServicesOn Line Legal Services
On Line Legal Serviceslegalwebsite
 
I soty v1 0.1 8_9_2011_basanthi
I soty v1 0.1 8_9_2011_basanthiI soty v1 0.1 8_9_2011_basanthi
I soty v1 0.1 8_9_2011_basanthiavinarch
 
BankerVMS
BankerVMSBankerVMS
BankerVMSTriNovus LLC
 
Belgian public sector interoperability
Belgian public sector interoperabilityBelgian public sector interoperability
Belgian public sector interoperabilityE-Government Center Moldova
 
Brochure ascen flow_en_110324
Brochure ascen flow_en_110324Brochure ascen flow_en_110324
Brochure ascen flow_en_110324Galen Hsieh
 

More Related Content

Similar to Information Society with Absolute Trust in the Services

Thomas vochten claims-spsbe26
Thomas vochten claims-spsbe26Thomas vochten claims-spsbe26
Thomas vochten claims-spsbe26BIWUG
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
Comifin cluster meeting
Comifin cluster meetingComifin cluster meeting
Comifin cluster meetingfcleary
 
NFOB Brochure 2011
NFOB Brochure 2011NFOB Brochure 2011
NFOB Brochure 2011DXZcam22
 
Monetizing Joyn with the REST API
Monetizing Joyn with the REST APIMonetizing Joyn with the REST API
Monetizing Joyn with the REST APISolaiemes
 
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims AuthenticationSharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims AuthenticationBrian Culver
 
Zero Visibility: Critcality of Centralized Log Management - v1
Zero Visibility: Critcality of Centralized Log Management - v1Zero Visibility: Critcality of Centralized Log Management - v1
Zero Visibility: Critcality of Centralized Log Management - v1asherad
 
E-commerce transaction validation using IMS
E-commerce transaction validation using IMS E-commerce transaction validation using IMS
E-commerce transaction validation using IMS Claude Florin
 
Transaction-based Capacity Planning for greater IT Reliability™ webinar
Transaction-based Capacity Planning for greater IT Reliability™ webinar Transaction-based Capacity Planning for greater IT Reliability™ webinar
Transaction-based Capacity Planning for greater IT Reliability™ webinar Metron
 
Travis Wright at Inman Connect July 14 2010
Travis Wright at Inman Connect July 14 2010Travis Wright at Inman Connect July 14 2010
Travis Wright at Inman Connect July 14 2010Wright Strategy Advisors
 
On Line Legal Services
On Line Legal ServicesOn Line Legal Services
On Line Legal Serviceslegalwebsite
 
I soty v1 0.1 8_9_2011_basanthi
I soty v1 0.1 8_9_2011_basanthiI soty v1 0.1 8_9_2011_basanthi
I soty v1 0.1 8_9_2011_basanthiavinarch
 
Brochure ascen flow_en_110324
Brochure ascen flow_en_110324Brochure ascen flow_en_110324
Brochure ascen flow_en_110324Galen Hsieh
 

Similar to Information Society with Absolute Trust in the Services (20)

Session 1. e-ID_esign
Session 1. e-ID_esignSession 1. e-ID_esign
Session 1. e-ID_esign
 
Thomas vochten claims-spsbe26
Thomas vochten claims-spsbe26Thomas vochten claims-spsbe26
Thomas vochten claims-spsbe26
 
Edi2
Edi2Edi2
Edi2
 
CreditUnionVMS
CreditUnionVMSCreditUnionVMS
CreditUnionVMS
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
 
Comifin cluster meeting
Comifin cluster meetingComifin cluster meeting
Comifin cluster meeting
 
NFOB Brochure 2011
NFOB Brochure 2011NFOB Brochure 2011
NFOB Brochure 2011
 
Monetizing Joyn with the REST API
Monetizing Joyn with the REST APIMonetizing Joyn with the REST API
Monetizing Joyn with the REST API
 
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims AuthenticationSharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
SharePoint Saturday Houston: SharePoint 2010 Extranets & Claims Authentication
 
Zero Visibility: Critcality of Centralized Log Management - v1
Zero Visibility: Critcality of Centralized Log Management - v1Zero Visibility: Critcality of Centralized Log Management - v1
Zero Visibility: Critcality of Centralized Log Management - v1
 
E-commerce transaction validation using IMS
E-commerce transaction validation using IMS E-commerce transaction validation using IMS
E-commerce transaction validation using IMS
 
Transaction-based Capacity Planning for greater IT Reliability™ webinar
Transaction-based Capacity Planning for greater IT Reliability™ webinar Transaction-based Capacity Planning for greater IT Reliability™ webinar
Transaction-based Capacity Planning for greater IT Reliability™ webinar
 
Travis Wright at Inman Connect July 14 2010
Travis Wright at Inman Connect July 14 2010Travis Wright at Inman Connect July 14 2010
Travis Wright at Inman Connect July 14 2010
 
Session10part2 Servers Detailed
Session10part2 Servers DetailedSession10part2 Servers Detailed
Session10part2 Servers Detailed
 
Session9part2 Servers Detailed
Session9part2 Servers DetailedSession9part2 Servers Detailed
Session9part2 Servers Detailed
 
On Line Legal Services
On Line Legal ServicesOn Line Legal Services
On Line Legal Services
 
I soty v1 0.1 8_9_2011_basanthi
I soty v1 0.1 8_9_2011_basanthiI soty v1 0.1 8_9_2011_basanthi
I soty v1 0.1 8_9_2011_basanthi
 
BankerVMS
BankerVMSBankerVMS
BankerVMS
 
Belgian public sector interoperability
Belgian public sector interoperabilityBelgian public sector interoperability
Belgian public sector interoperability
 
Brochure ascen flow_en_110324
Brochure ascen flow_en_110324Brochure ascen flow_en_110324
Brochure ascen flow_en_110324
 

Information Society with Absolute Trust in the Services

  • 1. Gov IT Summit 2009 – Antwerpen, 21 Septembre 2009 Information Society with Absolute Trust in the Services Luc Gathy page 1
  • 2. What citizens expect ? Factors encouraging the use of e-ID The assurance that the law on data protection is complied with The guarantee that the data is not sold on or re-used A label or logo proving that the service is secure An individual file of my data and transactions so that I know what information about me is held Obtaining a receipt after providing information Information on the information system Information on how the data I have provided is used Testimonies of people who have used the system. page 2
  • 3. What citizens expect ? Factors encouraging the use of e-Services If my privacy is completely respected If I can choose which personal data I want to provide If the service is free If the service saves me time If it is very easy to register If my friends have strongly recommended it to me Who should offer these services A government organization (federal, local), A company, a specialist service provider A non-profit organization page 3
  • 4. To summarize ... Active and responsible relation is expected with Public Services Simplification and rapidity as issuing conditions to the usage of e- Services to organize “my” everiday life Transparency Methods of conserving and consulting data Conditions for storing this data Controls in place, also for subcontractors involved in processing the personal data Consistency intra- and between platforms (codes, signs and products) No extra cost page 4
  • 5. e-Depot :Overview Notary 1 2 3 4 5 e-Notariat interface Consult Monitor the Write deed Deposit digital Update e-Gov authentic status of and extracts deed sources sources deposits e-Gov interface Moni- National Bis Company Justice teur register register register files Belge (*) Dep. Social Inneres security Dep. Economy Department Justice (*) Belgian Official Gazette Clerk Citizen page 5
  • 6. e-Depot: Partnership & SOA infrastructure Tracebility through “Certificates chain” and “Timestamping” (XAdES standards) Social Server KSZ security NationalServer RRN register Server Server L AM n rtio üS (3) se as Logs Notaris 4 Notary 4 eID Real Server Server r Card certificaat certificaat Nat N 4 1 Nat Nr eID 2 Nat Nr eID Notaris Notary KFBN Server FRNB Server Federal Server FSB service bus (FSB) Server 6 5/7 Notaris Notary FOD/Justitie Dep. Justice FOD/Economie Dep. Economy Server Server Server Server page 6
  • 7. e-Depot: New workflow Find physical(s) person(s) FPHP by National number Dep. RRN Inneres Notary Notariaat Find foreign natural person(s) Social KSZ security Creation / Update of data FMOP Find a moral person (company’s / enterprise’s) FOD Dep. FRNB Portal economy Economie Deed preparation PRSU Deed processing Federal service bus (FSB) Creation of a new enterprise Dep. FOD ( New Enterprise number created ) economy Economie KFBN FSB -NOT - Deposition of deeds Dep. FOD e-Depot Justice ( Submission of files, Justitie (web) number & date of deposit returned ) services Activation of the enterprise FOD Dep. Economie economy Publication in the “Moniteur” Dep. FOD Dep. Justice Justitie BS Justice ( Date of publication) FPHP = Manage phy sical person details FMOP = Manage mo ral person details Forward of the final status to Moniteur the network Dep. FOD Belge PRSU = Process sub mittal of an electronic notary deed Justice Justitie page 7
  • 8. e-Depot: A best practice We meet the “Trust” requirements: « Authentic digital Act Signed Electronically » Recognition: & http://www.epractice.eu/cases/edepot page 8
  • 9. OASIS: Overview Registre national DMFA Dimona Chômage Chantiers (ONEM) (Construction) Travail- Employ- leurs eurs Comptes & recouvrements Actions sur les «Sources authentiques» Vue «Employeur » Déclarations Vue «Travailleur » Fichier Dettes TVA TVA Clients-fournisseurs page 9
  • 10. OASIS: Outputs page 10
  • 11. OASIS: Outputs 9 page 11
  • 12. OASIS: Outputs page 12
  • 13. OASIS: Recognition “Crime such as fraud cause loss of revenue and require human resources to trace and handle them. Electronic systems for fraud detection can increase the detection rate by automatically carrying out checks and controls. The Belgian Anti-Fraud Datawarehouse project has developed a model whereby the need for precious resources in terms of both time and personnel has been cut and which has enabled more focused investigations leading to an increased apprehension rate. This example also illustrates as possible solution to tackle issues related to security and trust, a major concern for both front and back office users and for clients.” Ecrit par Christine Leitner (Head of eEurope Awards Project Management Secretariat and Senior Lecturer, EIPA Maastricht) dans la revue “Eipascope” numéro 2004/1 page 40. More details: http://www.epractice.eu/cases/OASIS2 page 13
  • 14. OASIS: What about « Big Brother » syndrome ? « Commission for the protection of privacy » special autorisation: Délibération n° 01/06 du 6 mars 2001 relative à une demande du Ministère des Affaires sociales, de la Santé publique et de l'Environnement pour la création et la gestion d'une banque de données OASIS, en vue de la lutte contre la fraude sociale dans les secteurs de la construction, de la construction métallique, de l'électricité et des parcs et jardins. Délibération n° 05/001 du 18 janvier 2005 relative à la création et gestion de la banque de données OASIS en vue de la lutte contre la fraude sociale - Extension de l'autorisation comprise dans la délibération n° 01/06 du 6 mars 2001. Encryption of the personal data For the detection process ... With limited opportunities to retrieve the original version In the investigation process page 14
  • 15. Positioning of Belgium Reliability of our Civil Register (Parent database) Contains the “founding documents” upon which identification security is to be based A unique identification system Not multiple unified or partitioned Traceability of all transactions performed, e.g. by Civil servants Example: “Mondossier” or “MyFile” e-ID as an electronic identification system guaranteed by the State A “Service-oriented” State in construction For the Individual/Citizen: State’s back office own structure hidden (“Citizen Centric”), facilitation for learning, promoting the service, accessibility and responsiveness (face-to-face and electronic) For government bodies: Migrate from paper-based to electronic culture, prioritization of the need for transparency, maintain “Social cohesion”, cross-functional shared framework (for the fluidity of the processing), Circle of Trust, legal validity of paperless procedures. page 15
  • 16. Positioning of Belgium Protection of individual’s privacy and personal data Principle of “end goals” (bind to mandates) and “proportionality” (Example: Driving licence = 18 or over  No need to know the age or date of birth) Five Trusted party commissions for privacy protection, compartmentalized by domain; Public-sector administration/Interior ministry Finance Health Social matters Justice Introduction or mixed access to commercial and non-commercial services carried out with great precision. ... And ensuring the public’s interests ! page 16
  • 17. Services Directive: Overview Abolish restrictive legislation and practices hindering service providers Set up Point of Single Contact Applicants must be able to: – Find rules and formalities they need to comply with – Complete applications electronically (submit application forms, supporting documents, fee payment) Autorités Compétentes « Interlocuteur Prestataire Prestataire unique » établi de services Guichet Unique Prestataire non établi Administration co-operation improved with counterparts in other EU countries page 17
  • 18. Services Directive: Issues Recognition of electronic documents across Member States (MS) borders, requires: Common set - or at least understanding – of signature and document formats (structured and unstructured) Necessary information for validation of e-Docs Signature format for (qualified) electronic signature should be defined Date of public registers has to be accessible (read only) to authorities of MS, involves questions: How to identify a requesting authority?  eID LSP STORK How to search for and find a certain record in accordance with national data protection rules? How to retrieve and validate it? page 18
  • 19. Services Directive: Issues (continue) Point of Single Contact Authentication Service Federal Authentication Service + Federated Identity and CA Access Management (FIAM) CA FAS CA + Trust relationship IdP CA PsC IdP SSO IdP SP IdP SP SP SP SP SP IdP: Identity provider SSO: Single-sign-on SP: Service provider CA: Certification authority page 19
  • 20. Services Directive: Issues (continue) e-Delivery service MS A Additional issues e-Procedure e-Doc safe MS B page 20
  • 21. Services Directive: Issues (continue) National e-delivery systems have to become interoperable: How can a sending authority find the appropriate messaging service? How to interface with it? How to identify individual recipients and their addresses? How to get confirmation of delivery and receipt? Data safes can make online transactions during an official procedure more efficient, comfortable and user friendly, but: How to access an e-Document safe of MS A across borders during an electronic transaction in MS B? How to retrieve a particular document? How to authorise public authorities for asynchronous access to data safes? Is there a need for a standard document inventory to find equivalent in other MS? page 21
  • 22. Services Directive: Issues (continue) Cross border payment of administrative fees: Service providers should be able to use their local payment system (e.g. credit card and online banking) with foreign public administrations Common service directory needed: Description of service interface as well as of process models Service orientation independently of a particular national portal Allowing integration (partial or complete) in others MS ! page 22
  • 23. Conclusion Authority Trust Traceability Transparency = Four “untouchable” fundamental components !  Included in our future work to avoid… page 23
  • 24. Q&A page 24